SHA256: 9427bff596c6c897e25fd4bde966db0162fedb22394e848bf18b8f83528d2d9c
File name: output.113475888.txt
Detection ratio: 36 / 67
Analysis date: 2018-06-20 14:54:32 UTC ( 11 months, 1 week ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Johnnie.108019 20180620
AegisLab Troj.Msil.Agent!c 20180620
ALYac Gen:Variant.Johnnie.108019 20180620
Antiy-AVL Trojan/MSIL.Agent 20180620
Arcabit Trojan.Johnnie.D1A5F3 20180620
Avast Win32:Malware-gen 20180620
AVG Win32:Malware-gen 20180620
Avira (no cloud) HEUR/AGEN.1020676 20180620
BitDefender Gen:Variant.Johnnie.108019 20180620
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180530
Cylance Unsafe 20180620
Cyren W32/Trojan.WSIL-0446 20180620
Emsisoft Gen:Variant.Johnnie.108019 (B) 20180620
Endgame malicious (moderate confidence) 20180612
ESET-NOD32 MSIL/Agent.APN 20180620
F-Secure Gen:Variant.Johnnie.108019 20180620
Fortinet MSIL/Kryptik.IGL!tr 20180620
GData Gen:Variant.Johnnie.108019 20180620
K7AntiVirus Trojan ( 005046851 ) 20180620
K7GW Trojan ( 005046851 ) 20180620
Kaspersky HEUR:Trojan.MSIL.Agent.gen 20180620
MAX malware (ai score=97) 20180620
McAfee Artemis!C4E6BE066579 20180620
McAfee-GW-Edition Artemis!Trojan 20180620
eScan Gen:Variant.Johnnie.108019 20180620
NANO-Antivirus Trojan.Win32.Kryptik.fefuyv 20180620
Palo Alto Networks (Known Signatures) generic.ml 20180620
Panda Trj/GdSda.A 20180620
Qihoo-360 Win32/Trojan.28b 20180620
Sophos AV Mal/Generic-S 20180620
Symantec Trojan.Gen.2 20180620
Tencent Msil.Trojan.Agent.Taew 20180620
TrendMicro TROJ_GEN.R015C0WFF18 20180620
TrendMicro-HouseCall TROJ_GEN.R015C0WFF18 20180620
Yandex Trojan.Agent!zNOR9yOThAs 20180620
ZoneAlarm by Check Point HEUR:Trojan.MSIL.Agent.gen 20180620
AhnLab-V3 20180620
Alibaba 20180620
Avast-Mobile 20180620
AVware 20180620
Babable 20180406
Baidu 20180620
Bkav 20180620
CAT-QuickHeal 20180620
ClamAV 20180620
CMC 20180620
Comodo 20180620
Cybereason 20180225
DrWeb 20180620
eGambit 20180620
F-Prot 20180620
Sophos ML 20180601
Jiangmin 20180620
Kingsoft 20180620
Malwarebytes 20180620
Microsoft 20180620
Rising 20180620
SentinelOne (Static ML) 20180618
SUPERAntiSpyware 20180620
Symantec Mobile Insight 20180619
TACHYON 20180620
TheHacker 20180619
TotalDefense 20180620
Trustlook 20180620
VBA32 20180620
VIPRE 20180620
ViRobot 20180620
Webroot 20180620
Zillya 20180620
Zoner 20180620
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 997209AE-44D4-4BC8-A798-5EFD1F7151C3
Product 997209AE-44D4-4BC8-A798-5EFD1F7151C3
Original name DllUpdates.exe
Internal name DllUpdates.exe
File version 1.3.4.45
Description 997209AE-44D4-4BC8-A798-5EFD1F7151C3
Comments 997209AE-44D4-4BC8-A798-5EFD1F7151C3
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-07 13:41:47
Entry Point 0x00010D4E
Number of sections 3
.NET details
Module Version ID d876da96-4b66-46d3-bcc4-6526b7c7a864
TypeLib ID 997209ae-44d4-4bc8-a798-5efd1f7151c3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 9
PE resources
Debug information
ExifTool file metadata
CodeSize 60928
SubsystemVersion 4.0
Comments 997209AE-44D4-4BC8-A798-5EFD1F7151C3
InitializedDataSize 373760
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.3.4.45
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription 997209AE-44D4-4BC8-A798-5EFD1F7151C3
ImageFileCharacteristics Executable, Large address aware
CharacterSet Unicode
LinkerVersion 80.0
EntryPoint 0x10d4e
OriginalFileName DllUpdates.exe
MIMEType application/octet-stream
LegalCopyright 997209AE-44D4-4BC8-A798-5EFD1F7151C3
FileVersion 1.3.4.45
TimeStamp 2018:06:07 15:41:47+02:00
FileType Win32 EXE
PEType PE32
InternalName DllUpdates.exe
ProductVersion 1.3.4.45
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName 997209AE-44D4-4BC8-A798-5EFD1F7151C3
LegalTrademarks 997209AE-44D4-4BC8-A798-5EFD1F7151C3
ProductName 997209AE-44D4-4BC8-A798-5EFD1F7151C3
ProductVersionNumber 1.3.4.45
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 45.4.3.1

File identification
MD5 c4e6be066579822408f3fb1dec8bea94
SHA1 6c5bbcb1cbd4fcf76c1ac65e53ac2f89181358af
SHA256 9427bff596c6c897e25fd4bde966db0162fedb22394e848bf18b8f83528d2d9c
ssdeep 1536:sULke4P5NKvZwCelk0qMs60j/34UqoAcGxp13/uasBwr:sULl4POaCd73koAxbtGasBwr
authentihash 0686c6343d32713b9cc704223c298c3df90120d983306bfbf1eb88c6726d251f
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 425.0 KB ( 435200 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (4.9%)
OS/2 Executable (generic) (2.2%)
Generic Win/DOS Executable (2.2%)
Tags peexe assembly

VirusTotal metadata
First submission 2018-06-18 16:04:26 UTC ( 11 months, 1 week ago )
Last submission 2018-06-27 20:53:12 UTC ( 11 months ago )
File names DllUpdates.exe
10.exe
output.113475888.txt